CVS commit: [netbsd-8] src

Wed, 22 Feb 2023 11:32:31 -0800 

Module Name:    src
Committed By:   martin
Date:           Wed Feb 22 19:32:23 UTC 2023

Modified Files:
        src/crypto/external/bsd/openssh/bin [netbsd-8]: Makefile
        src/etc/bluetooth [netbsd-8]: Makefile
        src/etc/iscsi [netbsd-8]: Makefile
        src/etc/root [netbsd-8]: Makefile
        src/etc/ssh [netbsd-8]: Makefile
        src/external/ibm-public/postfix/etc [netbsd-8]: Makefile
        src/usr.bin/mail [netbsd-8]: Makefile

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1800):

        etc/ssh/Makefile: revision 1.4
        usr.bin/mail/Makefile: revision 1.41
        external/ibm-public/postfix/etc/Makefile: revision 1.2
        etc/bluetooth/Makefile: revision 1.6
        crypto/external/bsd/openssh/bin/Makefile: revision 1.5
        etc/root/Makefile: revision 1.5
        etc/iscsi/Makefile: revision 1.4

/root: Install .cshrc and .profile links with the same mode.

Previously we would:

1. Install /root/.cshrc and /root/.profile with mode FILESMODE=644 as
   requested in src/etc/root/Makefile and as echoed in
   /etc/mtree/special.
2. Create hard links at /.cshrc and /.profile through CONFIGLINKS.
3. Because LINKSMODE was unset and defaults to NOBINMODE=444, change
   the mode to 444.

This scenario is confusing, and mtree objects to it, which is bad for
warning fatigue in a security-relevant mechanism.  (There are also
several other files mtree objects to out of the box -- we should fix
those too.)

With this change we install the links with the same mode as the
original files, in agreement with the mtree.  The files, .cshrc and
.profile, are intended to be editable configuration files, so 644
makes sense while 444 makes no sense and gets in the way of editors
like vi.

Discussed on tech-userlevel:
https://mail-index.netbsd.org/tech-userlevel/2022/08/29/msg013498.html

etc: Fix permissions of various editable configuration files.

This way they match the mtree and make sense and don't cause editors
to ask to override read-only files when editing them.

Exception: Not sure /etc/bluetooth/protocols makes as much sense to
edit, but the mtree says 644, so if you want to change it, make sure
to change it in both places -- Makefile and mtree.

/etc/ssh: Install ssh_known_hosts with mode 644.
Makes it agree with the mtree and more convenient for admin to edit.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.3.40.1 src/crypto/external/bsd/openssh/bin/Makefile
cvs rdiff -u -r1.5 -r1.5.58.1 src/etc/bluetooth/Makefile
cvs rdiff -u -r1.3 -r1.3.80.1 src/etc/iscsi/Makefile
cvs rdiff -u -r1.4 -r1.4.24.1 src/etc/root/Makefile
cvs rdiff -u -r1.3 -r1.3.2.1 src/etc/ssh/Makefile
cvs rdiff -u -r1.1 -r1.1.42.1 src/external/ibm-public/postfix/etc/Makefile
cvs rdiff -u -r1.36 -r1.36.16.1 src/usr.bin/mail/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/crypto/external/bsd/openssh/bin/Makefile
diff -u src/crypto/external/bsd/openssh/bin/Makefile:1.3 src/crypto/external/bsd/openssh/bin/Makefile:1.3.40.1
--- src/crypto/external/bsd/openssh/bin/Makefile:1.3	Sun Nov 21 19:19:21 2010
+++ src/crypto/external/bsd/openssh/bin/Makefile	Wed Feb 22 19:32:23 2023
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.3 2010/11/21 19:19:21 adam Exp $
+#	$NetBSD: Makefile,v 1.3.40.1 2023/02/22 19:32:23 martin Exp $
 
 .include <bsd.own.mk>
 
@@ -11,7 +11,9 @@ SUBDIR=	ssh sshd ssh-add ssh-keygen ssh-
 .MADE: moduli
 CONFIGFILES=	ssh_config sshd_config moduli
 FILESDIR=	/etc/ssh
+FILESMODE=	644
 FILESDIR_moduli=/etc
+FILESMODE_moduli=444
 
 .include <bsd.files.mk>
 .include <bsd.subdir.mk>

Index: src/etc/bluetooth/Makefile
diff -u src/etc/bluetooth/Makefile:1.5 src/etc/bluetooth/Makefile:1.5.58.1
--- src/etc/bluetooth/Makefile:1.5	Tue Apr 15 11:17:47 2008
+++ src/etc/bluetooth/Makefile	Wed Feb 22 19:32:23 2023
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.5 2008/04/15 11:17:47 plunky Exp $
+# $NetBSD: Makefile,v 1.5.58.1 2023/02/22 19:32:23 martin Exp $
 
 CONFIGFILES=	btattach.conf btdevctl.conf hosts protocols
 FILESDIR=	/etc/bluetooth
+FILESMODE=	644
 
 .include <bsd.prog.mk>

Index: src/etc/iscsi/Makefile
diff -u src/etc/iscsi/Makefile:1.3 src/etc/iscsi/Makefile:1.3.80.1
--- src/etc/iscsi/Makefile:1.3	Sat Jun 24 05:14:01 2006
+++ src/etc/iscsi/Makefile	Wed Feb 22 19:32:23 2023
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.3 2006/06/24 05:14:01 mrg Exp $
+#	$NetBSD: Makefile,v 1.3.80.1 2023/02/22 19:32:23 martin Exp $
 
 .include <bsd.own.mk>
 
@@ -7,6 +7,7 @@
 CONFIGFILES=    	auths targets
 FILESDIR=       	/etc/iscsi
 FILESMODE_auths=	0600
+FILESMODE_targets=	0644
 
 .endif
 

Index: src/etc/root/Makefile
diff -u src/etc/root/Makefile:1.4 src/etc/root/Makefile:1.4.24.1
--- src/etc/root/Makefile:1.4	Sat Nov 17 23:08:38 2012
+++ src/etc/root/Makefile	Wed Feb 22 19:32:23 2023
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.4 2012/11/17 23:08:38 uwe Exp $
+#	$NetBSD: Makefile,v 1.4.24.1 2023/02/22 19:32:23 martin Exp $
 
 CONFIGFILES=		dot.cshrc dot.klogin dot.login dot.profile dot.shrc
 
@@ -12,5 +12,7 @@ FILESNAME_${F}=		${F:S/dot//}
 CONFIGLINKS=		/root/.cshrc	/.cshrc \
 			/root/.profile	/.profile
 
+LINKSMODE=		${FILESMODE}
+
 .include <bsd.files.mk>
 .include <bsd.links.mk>

Index: src/etc/ssh/Makefile
diff -u src/etc/ssh/Makefile:1.3 src/etc/ssh/Makefile:1.3.2.1
--- src/etc/ssh/Makefile:1.3	Sun May 21 15:28:38 2017
+++ src/etc/ssh/Makefile	Wed Feb 22 19:32:22 2023
@@ -1,8 +1,9 @@
-#	$NetBSD: Makefile,v 1.3 2017/05/21 15:28:38 riastradh Exp $
+#	$NetBSD: Makefile,v 1.3.2.1 2023/02/22 19:32:22 martin Exp $
 
 .include <bsd.own.mk>
 
 CONFIGFILES=	ssh_known_hosts
 FILESDIR=	/etc/ssh
+FILESMODE=	644
 
 .include <bsd.prog.mk>

Index: src/external/ibm-public/postfix/etc/Makefile
diff -u src/external/ibm-public/postfix/etc/Makefile:1.1 src/external/ibm-public/postfix/etc/Makefile:1.1.42.1
--- src/external/ibm-public/postfix/etc/Makefile:1.1	Thu Jun 25 18:21:51 2009
+++ src/external/ibm-public/postfix/etc/Makefile	Wed Feb 22 19:32:22 2023
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.1 2009/06/25 18:21:51 tron Exp $
+#	$NetBSD: Makefile,v 1.1.42.1 2023/02/22 19:32:22 martin Exp $
 
 .include <bsd.own.mk>
 
@@ -14,5 +14,7 @@ FILESDIR=	${PFIX_ETCDIR}
 # needed by default.
 #
 CONFIGFILES=	main.cf master.cf README
+FILESMODE=	644
+FILESMODE_README=444
 
 .include <bsd.prog.mk>

Index: src/usr.bin/mail/Makefile
diff -u src/usr.bin/mail/Makefile:1.36 src/usr.bin/mail/Makefile:1.36.16.1
--- src/usr.bin/mail/Makefile:1.36	Sat Jul  5 19:22:04 2014
+++ src/usr.bin/mail/Makefile	Wed Feb 22 19:32:22 2023
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.36 2014/07/05 19:22:04 dholland Exp $
+#	$NetBSD: Makefile,v 1.36.16.1 2023/02/22 19:32:22 martin Exp $
 #	@(#)Makefile	8.3 (Berkeley) 4/20/95
 
 .include <bsd.own.mk>
@@ -75,6 +75,7 @@ SUBDIR+= USD.doc
 
 CONFIGFILES=		mail.rc
 FILESDIR_mail.rc=	/etc
+FILESMODE_mail.rc=	644
 
 COPTS.format.c += -Wno-format-nonliteral

Reply via email to